Use internal registry url to push artifact accessory (#20575)

fixes #20565

Signed-off-by: stonezdj <stone.zhang@broadcom.com>
This commit is contained in:
stonezdj(Daojun Zhang) 2024-06-14 17:10:52 +08:00 committed by GitHub
parent 6a38ed3d77
commit e960711579
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 10 additions and 26 deletions

View File

@ -5,7 +5,7 @@ env:
POSTGRESQL_USR: postgres POSTGRESQL_USR: postgres
POSTGRESQL_PWD: root123 POSTGRESQL_PWD: root123
POSTGRESQL_DATABASE: registry POSTGRESQL_DATABASE: registry
DOCKER_COMPOSE_VERSION: 1.23.0 DOCKER_COMPOSE_VERSION: 2.27.1
HARBOR_ADMIN: admin HARBOR_ADMIN: admin
HARBOR_ADMIN_PASSWD: Harbor12345 HARBOR_ADMIN_PASSWD: Harbor12345
CORE_SECRET: tempString CORE_SECRET: tempString
@ -66,7 +66,7 @@ jobs:
env env
#sudo apt install -y xvfb #sudo apt install -y xvfb
#xvfb-run ls #xvfb-run ls
curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose curl -L https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
chmod +x docker-compose chmod +x docker-compose
sudo mv docker-compose /usr/local/bin sudo mv docker-compose /usr/local/bin
IP=`hostname -I | awk '{print $1}'` IP=`hostname -I | awk '{print $1}'`
@ -131,7 +131,7 @@ jobs:
df -h df -h
#sudo apt install -y xvfb #sudo apt install -y xvfb
#xvfb-run ls #xvfb-run ls
curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose curl -L https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
chmod +x docker-compose chmod +x docker-compose
sudo mv docker-compose /usr/local/bin sudo mv docker-compose /usr/local/bin
- name: install - name: install
@ -186,7 +186,7 @@ jobs:
df -h df -h
#sudo apt install -y xvfb #sudo apt install -y xvfb
#xvfb-run ls #xvfb-run ls
curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose curl -L https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
chmod +x docker-compose chmod +x docker-compose
sudo mv docker-compose /usr/local/bin sudo mv docker-compose /usr/local/bin
- name: install - name: install
@ -240,7 +240,7 @@ jobs:
df -h df -h
#sudo apt install -y xvfb #sudo apt install -y xvfb
#xvfb-run ls #xvfb-run ls
curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose curl -L https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
chmod +x docker-compose chmod +x docker-compose
sudo mv docker-compose /usr/local/bin sudo mv docker-compose /usr/local/bin
- name: install - name: install
@ -292,7 +292,7 @@ jobs:
df -h df -h
#sudo apt install -y xvfb #sudo apt install -y xvfb
#xvfb-run ls #xvfb-run ls
curl -L https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose curl -L https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` > docker-compose
chmod +x docker-compose chmod +x docker-compose
sudo mv docker-compose /usr/local/bin sudo mv docker-compose /usr/local/bin
IP=`hostname -I | awk '{print $1}'` IP=`hostname -I | awk '{print $1}'`

View File

@ -22,13 +22,11 @@ import (
"strings" "strings"
"time" "time"
"github.com/goharbor/harbor/src/common"
"github.com/goharbor/harbor/src/common/rbac" "github.com/goharbor/harbor/src/common/rbac"
"github.com/goharbor/harbor/src/controller/artifact" "github.com/goharbor/harbor/src/controller/artifact"
scanCtl "github.com/goharbor/harbor/src/controller/scan" scanCtl "github.com/goharbor/harbor/src/controller/scan"
"github.com/goharbor/harbor/src/jobservice/job" "github.com/goharbor/harbor/src/jobservice/job"
"github.com/goharbor/harbor/src/jobservice/logger" "github.com/goharbor/harbor/src/jobservice/logger"
"github.com/goharbor/harbor/src/lib/config"
"github.com/goharbor/harbor/src/lib/errors" "github.com/goharbor/harbor/src/lib/errors"
"github.com/goharbor/harbor/src/lib/log" "github.com/goharbor/harbor/src/lib/log"
"github.com/goharbor/harbor/src/lib/orm" "github.com/goharbor/harbor/src/lib/orm"
@ -54,7 +52,6 @@ const (
func init() { func init() {
scan.RegisterScanHanlder(v1.ScanTypeSbom, &scanHandler{ scan.RegisterScanHanlder(v1.ScanTypeSbom, &scanHandler{
GenAccessoryFunc: scan.GenAccessoryArt, GenAccessoryFunc: scan.GenAccessoryArt,
RegistryServer: registry,
SBOMMgrFunc: func() Manager { return Mgr }, SBOMMgrFunc: func() Manager { return Mgr },
TaskMgrFunc: func() task.Manager { return task.Mgr }, TaskMgrFunc: func() task.Manager { return task.Mgr },
ArtifactControllerFunc: func() artifact.Controller { return artifact.Ctl }, ArtifactControllerFunc: func() artifact.Controller { return artifact.Ctl },
@ -67,7 +64,6 @@ func init() {
// scanHandler defines the Handler to generate sbom // scanHandler defines the Handler to generate sbom
type scanHandler struct { type scanHandler struct {
GenAccessoryFunc func(scanRep v1.ScanRequest, sbomContent []byte, labels map[string]string, mediaType string, robot *model.Robot) (string, error) GenAccessoryFunc func(scanRep v1.ScanRequest, sbomContent []byte, labels map[string]string, mediaType string, robot *model.Robot) (string, error)
RegistryServer func(ctx context.Context) (string, bool)
SBOMMgrFunc func() Manager SBOMMgrFunc func() Manager
TaskMgrFunc func() task.Manager TaskMgrFunc func() task.Manager
ArtifactControllerFunc func() artifact.Controller ArtifactControllerFunc func() artifact.Controller
@ -96,8 +92,10 @@ func (h *scanHandler) PostScan(ctx job.Context, sr *v1.ScanRequest, _ *scanModel
Registry: sr.Registry, Registry: sr.Registry,
Artifact: sr.Artifact, Artifact: sr.Artifact,
} }
// the registry server url is core by default, need to replace it with real registry server url scanReq.Registry.Insecure = strings.HasPrefix(scanReq.Registry.URL, "http://")
scanReq.Registry.URL, scanReq.Registry.Insecure = h.RegistryServer(ctx.SystemContext()) // the registry URL should not contain http:// or https:// prefix
scanReq.Registry.URL = strings.TrimPrefix(scanReq.Registry.URL, "http://")
scanReq.Registry.URL = strings.TrimPrefix(scanReq.Registry.URL, "https://")
if len(scanReq.Registry.URL) == 0 { if len(scanReq.Registry.URL) == 0 {
return "", fmt.Errorf("empty registry server") return "", fmt.Errorf("empty registry server")
} }
@ -170,19 +168,6 @@ func (h *scanHandler) Update(ctx context.Context, uuid string, report string) er
return nil return nil
} }
// extract server name from config, and remove the protocol prefix
func registry(ctx context.Context) (string, bool) {
cfgMgr, ok := config.FromContext(ctx)
if ok {
extURL := cfgMgr.Get(context.Background(), common.ExtEndpoint).GetString()
insecure := strings.HasPrefix(extURL, "http://")
server := strings.TrimPrefix(extURL, "https://")
server = strings.TrimPrefix(server, "http://")
return server, insecure
}
return "", false
}
// retrieveSBOMContent retrieves the "sbom" field from the raw report // retrieveSBOMContent retrieves the "sbom" field from the raw report
func retrieveSBOMContent(rawReport string) ([]byte, *v1.Scanner, error) { func retrieveSBOMContent(rawReport string) ([]byte, *v1.Scanner, error) {
rpt := sbom.RawSBOMReport{} rpt := sbom.RawSBOMReport{}

View File

@ -147,7 +147,6 @@ func (suite *SBOMTestSuite) SetupSuite() {
suite.handler = &scanHandler{ suite.handler = &scanHandler{
GenAccessoryFunc: mockGenAccessory, GenAccessoryFunc: mockGenAccessory,
RegistryServer: mockGetRegistry,
SBOMMgrFunc: func() Manager { return suite.sbomManager }, SBOMMgrFunc: func() Manager { return suite.sbomManager },
TaskMgrFunc: func() task.Manager { return suite.taskMgr }, TaskMgrFunc: func() task.Manager { return suite.taskMgr },
ArtifactControllerFunc: func() artifact.Controller { return suite.artifactCtl }, ArtifactControllerFunc: func() artifact.Controller { return suite.artifactCtl },